blacknet | 8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547

Analysis

max time kernel
120s
max time network
107s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20-10-2024 10:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
Size

83KB
MD5

28d8e79514f4adc08978ad5838044bb0
SHA1

7cf41fae6514bfbd0c0cbba12608a6175f56615f
SHA256

8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547
SHA512

ecd397afeed8d6894b379484ad9a070b79f147dc779191846e6b0130a88482071c1876a6aa12ed134ff41cf05346c8678e8f6d4a76f55fb3d345f3208ee25b8b
SSDEEP

1536:PwPvK/3zvzVohd9BRiF/JUljzJxuOmb54vHTLazm7/:PwiGDjiVQzVmb5uHvmm7/

Score

10^/10

blacknet trojan

Malware Config

Signatures

BlackNET
BlackNET is an open source remote access tool written in VB.NET.
trojan blacknet

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4376	8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe

C:\Users\Admin\AppData\Local\Temp\8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe
"C:\Users\Admin\AppData\Local\Temp\8771b526abb58e278bd901cd38ccb59c234b7ae3cb4d3261da8f43bb43c51547N.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:4376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4376-0-0x00007FFAF2DB5000-0x00007FFAF2DB6000-memory.dmp

Filesize
4KB

Download
memory/4376-1-0x000000001C020000-0x000000001C0C6000-memory.dmp

Filesize
664KB

Download
memory/4376-2-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-4-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-3-0x000000001C5A0000-0x000000001CA6E000-memory.dmp

Filesize
4.8MB

Download
memory/4376-5-0x000000001CB30000-0x000000001CBCC000-memory.dmp

Filesize
624KB

Download
memory/4376-6-0x00000000018C0000-0x00000000018C8000-memory.dmp

Filesize
32KB

Download
memory/4376-7-0x000000001CC90000-0x000000001CCDC000-memory.dmp

Filesize
304KB

Download
memory/4376-8-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-9-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-10-0x0000000020090000-0x00000000200F2000-memory.dmp

Filesize
392KB

Download
memory/4376-11-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-12-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-14-0x00007FFAF2DB5000-0x00007FFAF2DB6000-memory.dmp

Filesize
4KB

Download
memory/4376-15-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-13-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-16-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-17-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-18-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-19-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-20-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-21-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-22-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-23-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-24-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-26-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-25-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-27-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-28-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-29-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-30-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-31-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-32-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-33-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-34-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-35-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-36-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-37-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-38-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-39-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-40-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-41-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-42-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-43-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-44-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-45-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-46-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-47-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-48-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-49-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-50-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-51-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-52-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-53-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-54-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-55-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-56-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-57-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-58-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-59-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-60-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-61-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-62-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-63-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-64-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-65-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-66-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-67-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-68-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-69-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-70-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-71-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-72-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-73-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-74-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-75-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-76-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-77-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-78-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-79-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-80-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-81-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-82-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-83-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-84-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-85-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-86-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-87-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-88-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-89-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-90-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-91-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-92-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-93-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-94-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download
memory/4376-95-0x00007FFAF2B00000-0x00007FFAF34A1000-memory.dmp

Filesize
9.6MB

Download